Free PT0-002 Exam Dumps

Question 11

A penetration tester conducted an assessment on a web server. The logs from this session show the following:
http://www.thecompanydomain.com/servicestatus.php?serviceID=892&serviceID=892 ‘ ; DROP TABLE SERVICES; -
Which of the following attacks is being attempted?

A. Clickjacking
B. Session hijacking
C. Parameter pollution
D. Cookie hijacking
E. Cross-site scripting

Correct Answer:C

Question 12

A penetration tester performs the following command: curl –I –http2 https://www.comptia.org
Which of the following snippets of output will the tester MOST likely receive?
PT0-002 dumps exhibit

A. Option A
B. Option B
C. Option C
D. Option D

Correct Answer:A

Question 13

A penetration tester wants to scan a target network without being detected by the client’s IDS. Which of the following scans is MOST likely to avoid detection?

A. nmap –p0 –T0 –sS 192.168.1.10
B. nmap –sA –sV --host-timeout 60 192.168.1.10
C. nmap –f --badsum 192.168.1.10
D. nmap –A –n 192.168.1.10

Correct Answer:B

Question 14

Appending string values onto another string is called:

A. compilation
B. connection
C. concatenation
D. conjunction

Correct Answer:C

Question 15

A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client’s requirements?

A. “cisco-ios” “admin+1234”
B. “cisco-ios” “no-password”
C. “cisco-ios” “default-passwords”
D. “cisco-ios” “last-modified”

Correct Answer:A

The certification names are the trademarks of their respective owners. testpreplab.com certstest.com